package com.littleHan.brushQuestions.shiro;

import com.littleHan.brushQuestions.web.start.pojo.GeneralUser;
import com.littleHan.brushQuestions.web.start.pojo.Permission;
import com.littleHan.brushQuestions.web.start.pojo.Role;
import com.littleHan.brushQuestions.web.start.service.LoginService;
import com.littleHan.brushQuestions.web.start.service.PermissionService;
import com.littleHan.brushQuestions.web.start.service.RoleService;
import com.littleHan.brushQuestions.token.JwtToken;
import com.littleHan.brushQuestions.utils.JwtUtil;

import io.jsonwebtoken.Claims;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import java.util.HashSet;
import java.util.List;
import java.util.Set;

/**
 * 自定义Realm
 */
@Component
public class ShiroRealm extends AuthorizingRealm {

    @Autowired
    private LoginService loginService;

    @Autowired
    private RoleService roleService;

    @Autowired
    private PermissionService permissionService;

    /**
     * 访问授权
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        String username=(String) principalCollection.iterator().next();
        List<Role> roleList=roleService.getRolesByUsername(username);
        List<Permission> permissionList=permissionService.getPermission(username);
        Set<String> roleSet=new HashSet<>();
        Set<String> permissionSet=new HashSet<>();
        for(Role r:roleList){
            roleSet.add(r.getName());
        }
        for(Permission p:permissionList){
            permissionSet.add(p.getCode());
        }
        SimpleAuthorizationInfo info=new SimpleAuthorizationInfo();
        info.setRoles(roleSet);
        info.setStringPermissions(permissionSet);
        return info;
    }

    /**
     * 登录认证
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        JwtToken jwtToken=(JwtToken)authenticationToken;
        String jwt=(String) jwtToken.getPrincipal();
        Claims claims= JwtUtil.parseJWT(jwt);
        String username=claims.getId();
        GeneralUser generalUser=loginService.getGeneralUserByUsername(username);
        if(generalUser==null){
            return null;
        }
        //认证密码
        // 参数1：数据库中用户名  参数2：数据库中密码  参数3：realmName，系统运行时会自动生成，通过父类的方法获取realmName
        return new SimpleAuthenticationInfo(username,
                generalUser.getPassword(),
                this.getName());
    }

    /**
     * 用来判断传来的token是不是JwtToken
     * @param token
     * @return
     */
    @Override
    public boolean supports(AuthenticationToken token) {
        return token instanceof JwtToken;
    }
}
